Results 1 to 2 of 2
  1. #1
    Join Date
    Aug 2010
    Posts
    5

    Unanswered: PUBLIC & HttpClient

    Reviewing PUBLIC TAB_PRIVS privileges found that it has execute access to most part or even the whole set of HttpClient java API; can I consider it a security issue?

  2. #2
    Join Date
    Aug 2003
    Location
    Where the Surf Meets the Turf @Del Mar, CA
    Posts
    7,776
    Provided Answers: 1
    >can I consider it a security issue?
    You are free to be as paranoid & you deem appropriate.
    From my perspective, UTL_HTTP allows Oracle RDBMS to mimic the activity of a web browser.
    You could always disallow at the FireWall initiating connection requests on Port 80 from DB Server.
    You can lead some folks to knowledge, but you can not make them think.
    The average person thinks he's above average!
    For most folks, they don't know, what they don't know.
    Good judgement comes from experience. Experience comes from bad judgement.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •